Solved

Suppress Event Log Message

Posted on 2010-09-09
4
1,624 Views
Last Modified: 2013-11-05
Does anyone know of a way to suppress a specific Event Log Message that is constantly writing to the Event Log?

Thanks!
0
Comment
Question by:meade470
  • 2
4 Comments
 
LVL 3

Expert Comment

by:Bogeholm
ID: 33640659
Hi meade470

Maybe you need to be a bit more specific.

Is it a message from Windows or from a 3rd party application.

There are methods for suppressing some events in the Security eventlog

-M
0
 
LVL 2

Author Comment

by:meade470
ID: 33640725
There are several, actually. As an example, this one from Endpoint fills our logs whenever a virus scan runs, which is daily:

Event Type:      Warning
Event Source:      Symantec AntiVirus
Event Category:      None
Event ID:      6
Date:            9/7/2010
Time:            6:01:35 AM
User:            N/A
Computer:      CORP-SERVER
Description:
 

Could not scan 1 files inside [NAME OF FILE, WHICH IS USUALLY A COMPRESSED FILE, ETC.]

0
 
LVL 2

Author Comment

by:meade470
ID: 33640808
Here's another example from the System Log

Event Type:      Information
Event Source:      WinHttpAutoProxySvc
Event Category:      None
Event ID:      12503
Date:            9/9/2010
Time:            11:17:07 AM
User:            N/A
Computer:      CORP-SERVER
Description:
The description for Event ID ( 12503 ) in Source ( WinHttpAutoProxySvc ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: 15.
0
 
LVL 7

Accepted Solution

by:
jesaja earned 500 total points
ID: 33641711
If you have a look in hklm\system\curentcontrollset\services\eventlog

you will find all apps, services listed that will report to event log.

But I wouldn't delete anything

for symantec it is normal that it reports maybe search for disabling warnings for symantec av

for the other        WinHttpAutoProxySvc this is a service check it it is correct installed or there are some entries left in the registry

check this out
http://forums.techarena.in/small-business-server/450520.htm

Event logs must be integer therefore it will not be possible to suppress anything rather check the error
You could filter the log but this feature is limited
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Learn about cloud computing and its benefits for small business owners.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now